
SDN & NFV for Network Engineers

Traditional routing forwards packets through networks using a control plane to maintain routing tables based on network topology and a data plane to forward packets. Software-defined networking decouples the control plane from the data plane, with a centralized controller making routing decisions and configuring switches with forwarding rules. OpenFlow is a popular SDN protocol that defines packet headers that can be matched, flow table entries with matching rules and instructions, and actions that can be applied like outputting packets to specific ports.

Uploaded by

Chang Ye

11/3/20

SDN
Software-Defined Networking

Traditional routing
• Forward packets through network(s)
• Control Plane:
– Maintain routing table based on network topology
• Data Plane:
– Forwards packets


Source: http://wiki.nil.com

Traditional routing: Disadvantages


• Difficult to make changes
• Constant communication between routers
• Static
• Dependent on hardware (vendors)


SDN
Decouple control plane from data plane

[Figure: Traditional Network (forwarding device with embedded control) compared with Software Defined Network (forwarding device with decoupled control, plus an SDN Controller)]

SDN elements
• Controller
– Centralized decision making
– Programmable

• Switches
– Dumb
– Forwarding rules configured by controller


Advantages
• Programmable
– Flexible
– Fine-grained traffic management
• Centralized view of network, so easier to:
– Compute paths/trees
– Add security
– Provide fault tolerance
– Etc.

Disadvantages
• Centralized
– Single point of failure (Multiple controllers possible)
• Scalability:
– Processing power (controller)
• Initial delay when installing flows reactively


OpenFlow
Popular SDN protocol/standard

Source: OpenFlow Switch Specification v1.5.1

PacketIn & FlowMod


Some match options


IN_PORT              Switch input port.
IN_PHY_PORT          Switch physical input port.
METADATA             Metadata passed between tables.
ETH_DST              Ethernet destination address.
ETH_SRC              Ethernet source address.
ETH_TYPE             Ethernet frame type.
VLAN_VID             VLAN id.
VLAN_PCP             VLAN priority.
IP_DSCP              IP DSCP (6 bits in ToS field).
IP_ECN               IP ECN (2 bits in ToS field).
IP_PROTO             IP protocol.
IPV4_SRC             IPv4 source address.
IPV4_DST             IPv4 destination address.
TCP_SRC              TCP source port.
TCP_DST              TCP destination port.
UDP_SRC              UDP source port.
UDP_DST              UDP destination port.
SCTP_SRC             SCTP source port.
SCTP_DST             SCTP destination port.
ICMPV4_TYPE          ICMP type.
ICMPV4_CODE          ICMP code.
ARP_OP               ARP opcode.
ARP_SPA              ARP source IPv4 address.
ARP_TPA              ARP target IPv4 address.
ARP_SHA              ARP source hardware address.
ARP_THA              ARP target hardware address.
IPV6_SRC             IPv6 source address.
IPV6_DST             IPv6 dest. address.
IPV6_FLABEL          IPv6 Flow Label.
ICMPV6_TYPE          ICMPv6 type.
ICMPV6_CODE          ICMPv6 code.
IPV6_ND_TARGET       Target address for ND.
IPV6_ND_SLL          Source link-layer for ND.
IPV6_ND_TLL          Target link-layer for ND.
MPLS_LABEL           MPLS label.
MPLS_TC              MPLS TC.
OFPXMT_OFP_MPLS_BOS  MPLS BoS bit.
PBB_ISID             PBB I-SID.
TUNNEL_ID            Logical Port Metadata.
IPV6_EXTHDR          IPv6 Extension Header pseudo-field.
PBB_UCA              PBB UCA header field.

Source: OpenFlow Switch Specification v1.3


Flow Table entries


• Match Fields:
– Ingress port
– Packet headers (e.g. protocol, dst)
– Metadata
• Priority
• Instructions


Instructions
• Update metadata
• Send to next flow table in pipeline
• Apply/Write actions:
– Output to port(s)
– Send to group
– Modify packet


Example
Packet arrives at switch

eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2


Example: Flow Table 0

Packet entering the table:
In_port: 1
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2

Match                      Prio  Instructions
In_port = 1, vlan_vid = 1  3     Goto-Table 1
In_port = 1                2     Goto-Table 2, Write-Metadata 1, Write-Actions push-VLAN 3, output 5
*                          0     Apply-Actions drop

Packet leaving the table:
In_port: 1
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2
metadata: 1

Action set:
push-VLAN 3
output 5

Example: Flow Table 2

Packet entering the table:
In_port: 1
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2
metadata: 1

Match                       Prio  Instructions
metadata = 1                3     Clear-Actions, Write-Actions output 2
metadata = 1, vlan_vid = 3  4     Write-Actions output 3
vlan_vid = 2                2     Write-Actions output 1

Packet leaving the table:
In_port: 1
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2
metadata: 1

Action set:
output 2

Example
Execute action set

Packet at end of pipeline:
In_port: 1
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2
metadata: 1

Action set:
output 2

Packet sent out on Port 2:
eth_src: 77:77:77:77:77:77
eth_dst: 88:88:88:88:88:88
vlan_vid: 2
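
The Flow Table 0 and Flow Table 2 walk-through above, as a small simulator (an added example, not part of the original slides; the Python data structures, function names and the empty Table 1 are assumptions). Instructions of one entry run in the order fixed by the OpenFlow specification, whatever order the entry lists them in. The run also shows why the priority-4 entry in Table 2 does not match: push-VLAN 3 only sits in the action set and is not applied to the packet while it is still in the pipeline.

```python
# Added illustration of the slides' example; data structures are assumptions.
# Fixed execution order of instructions within one flow entry (OpenFlow spec).
ORDER = ["apply_actions", "clear_actions", "write_actions", "write_metadata", "goto"]

# Each entry: (match fields, priority, instructions as listed on the slides).
TABLES = {
    0: [({"in_port": 1, "vlan_vid": 1}, 3, [("goto", 1)]),
        ({"in_port": 1}, 2, [("goto", 2), ("write_metadata", 1),
                             ("write_actions", {"push_vlan": 3, "output": 5})]),
        ({}, 0, [("apply_actions", "drop")])],          # "*" matches everything
    1: [],                                              # not shown on the slides
    2: [({"metadata": 1}, 3, [("clear_actions", None),
                              ("write_actions", {"output": 2})]),
        ({"metadata": 1, "vlan_vid": 3}, 4, [("write_actions", {"output": 3})]),
        ({"vlan_vid": 2}, 2, [("write_actions", {"output": 1})])],
}

def lookup(table, fields):
    """Highest-priority entry whose match fields all equal the packet's, or None."""
    hits = [e for e in table if all(fields.get(k) == v for k, v in e[0].items())]
    return max(hits, key=lambda e: e[1]) if hits else None

def run_pipeline(packet, tables=TABLES):
    """Start at table 0; return (action set to execute, [(table, priority) matched])."""
    fields, action_set, trace, table_id = dict(packet), {}, [], 0
    while table_id is not None:
        entry = lookup(tables[table_id], fields)
        if entry is None:                 # table miss, no miss entry: drop
            return {}, trace
        trace.append((table_id, entry[1]))
        table_id = None                   # pipeline ends unless Goto-Table is present
        for name, arg in sorted(entry[2], key=lambda i: ORDER.index(i[0])):
            if name == "apply_actions" and arg == "drop":
                return {}, trace          # modelled as: nothing is output
            elif name == "clear_actions":
                action_set.clear()
            elif name == "write_actions":
                action_set.update(arg)    # one action per type; new value overwrites
            elif name == "write_metadata":
                fields["metadata"] = arg  # visible to matches in later tables
            elif name == "goto":
                table_id = arg
    return action_set, trace

PACKET = {"in_port": 1, "eth_src": "77:77:77:77:77:77",
          "eth_dst": "88:88:88:88:88:88", "vlan_vid": 2}

if __name__ == "__main__":
    print(run_pipeline(PACKET))
```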


Groups

• Additional forwarding functionality


• Action buckets:
– Actions
– Additional parameters

Group types
• All
– Execute all buckets
– Multicast/Broadcast
• Select
– Execute one bucket
– Load balancing
• Indirect
– Contains one bucket
• Fast Failover
– Execute first live bucket
– Failure Recovery

Example (figures not reproduced; slide titles in order)
• Send packet to printer
• Packet forwarded to controller
• Install flows
• New network configuration
• Send packet to printer

Initial delay
• First packet(s) from new traffic flow
– Table miss
– Send to controller
• Delay
– Latency between switches and controller
– Processing Delay
• Can pre-install some (or all) flow entries

NFV

Network Functions Virtualization


Middleboxes
RFC 3234: “A middlebox is defined as any intermediary device performing functions other than the normal, standard functions of an IP router on the datagram path between a source host and destination host”

Examples:
• Firewall
• NAT
• Proxies
• DPI
• …

Middlebox disadvantages
• New functionality requires new box
• Static functionality:
– Cannot scale (dynamically)
– Cannot move (dynamically)
• Difficult to integrate & operate


NFV: Decoupling SW & HW


Cloud-like middleboxes for cloud-like advantages of dynamic scaling and placing

Source: ETSI NFV white paper v2


Virtual Network Function (VNF)


• Multiple VNFs could (like VMs) share the same hardware

• Some features:
– Portability (move VNFs)
– Elasticity (scale in/out)
– Resiliency (backup VNFs)
– Performance (QoS)

Service Function Chaining (SFC)


• A.k.a. Network Service Chaining (NSC)
• A service might need multiple VNFs traversed in a particular order
• “Stitching” of VNFs according to a Forwarding Graph (a.k.a. Service Chain)
